Add settings page to allow users to change their password

admin.go

@@ -6,6 +6,36 @@ import (
 	"strings"
 )
 
+type settingsData struct {
+	S     Status
+}
+
+func settingsHandler(w http.ResponseWriter, r *http.Request) {
+	sess := GetSession(r)
+	if sess.User == "" {
+		http.NotFound(w, r)
+		return
+	}
+	if r.Method == "POST" {
+		current_pass := r.FormValue("currpass")
+		pass1 := r.FormValue("password1")
+		pass2 := r.FormValue("password2")
+		switch {
+		case !db.UserValid(sess.User, current_pass):
+			sess.Notify("Password error!", "The current password given don't match with the user password. Try again", "error")
+		case pass1 != pass2:
+			sess.Notify("Passwords don't match!", "The new password and the confirmation password don't match. Try again", "error")
+		default:
+			db.SetPassword(sess.User, pass1)
+			sess.Notify("Password updated!", "Your new password is correctly set.", "success")
+		}
+	}
+
+	var data settingsData
+	data.S = GetStatus(w, r)
+	loadTemplate(w, "settings", data)
+}
+
 func deleteHandler(w http.ResponseWriter, r *http.Request) {
 	sess := GetSession(r)
 	if sess.User == "" {

database.go

@@ -56,9 +56,19 @@ func (d *DB) Close() {
 	d.session.Close()
 }
 
-func (d *DB) UserValid(user string, pass string) bool {
+func md5Pass(pass string) []byte {
 	h := md5.New()
 	hash := h.Sum(([]byte)(PASS_SALT + pass))
+	return hash
+}
+
+func (d *DB) SetPassword(user string, pass string) error {
+	hash := md5Pass(pass)
+	return d.user.Update(bson.M{"user": user}, bson.M{"$set": bson.M{"pass": hash}})
+}
+
+func (d *DB) UserValid(user string, pass string) bool {
+	hash := md5Pass(pass)
 	n, err := d.user.Find(bson.M{"user": user, "pass": hash}).Count()
 	if err != nil {
 		return false

template.go

@@ -33,6 +33,7 @@ var templates = template.Must(template.ParseFiles(TEMPLATE_PATH+"header.html",
 	TEMPLATE_PATH+"new.html",
 	TEMPLATE_PATH+"read.html",
 	TEMPLATE_PATH+"edit.html",
+	TEMPLATE_PATH+"settings.html",
 ))
 
 func loadTemplate(w http.ResponseWriter, tmpl string, data interface{}) {

templates/header.html

@@ -67,6 +67,7 @@
 				</a>
 				<ul class="dropdown-menu">
 					<li><a href="/new/"><i class="icon-book"></i> New books</a></li>
+					<li><a href="/settings/"><i class="icon-wrench"></i> Settings</a></li>
 					<li class="divider"></li>
 					<li><a href="/logout/"><i class="icon-off"></i> Log Out</a></li>
 				</ul>

templates/settings.html

@@ -0,0 +1,30 @@
+{{template "header.html" .S}}
+
+<h2>Settings</h2>
+
+<form class="form-horizontal" method="POST">
+	<legend>Change your pasword</legend>
+	<div class="control-group">
+		<label class="control-label" for="currpass">Current password:</label>
+		<div class="controls">
+		<input type="password" name="currpass" id="currpass" /><br />
+		</div>
+	</div>
+	<div class="control-group">
+		<label class="control-label" for="password1">New password:</label>
+		<div class="controls">
+		<input type="password" name="password1" id="password1" />
+		</div>
+		<label class="control-label" for="password2">Confirm password:</label>
+		<div class="controls">
+		<input type="password" name="password2" id="password2" />
+		</div>
+	</div>
+	<div class="control-group">
+		<div class="controls">
+		<button type="submit" class="btn">Change password</button>
+		</div>
+	</div>
+</form>
+
+{{template "footer.html"}}

trantor.go

@@ -143,6 +143,7 @@ func main() {
 	http.HandleFunc("/delete/", deleteHandler)
 	http.HandleFunc("/about/", aboutHandler)
 	http.HandleFunc("/books/", downloadHandler)
+	http.HandleFunc("/settings/", settingsHandler)
 	fileHandler("/img/")
 	fileHandler("/cover/")
 	fileHandler("/css/")